«
»

Is Facebook harvesting data from your computer?

Tuesday, January 17th, 2012 by jimmy Email your friend! Facebook this! Tweet this! ShareThis!ShareThis

From time to time I like to glance at the /var/log/system.log file on my Mac. This log file lets know you know what a Mac (or any Unix flavor) computer is doing in the background. Today I noticed something odd… There is a Facebook application running in the background! Why on earth would there be a Facebook application running on my computer. It seems as though it snuck it’s way in when I installed the Skype/Facebook video chat plug-in.

In the system.log file, this is the line that caught my attention:

Jan 12 14:58:19 jimmy com.apple.launchd.peruser.502[208] (com.facebook.videochat.jim.updater[32112]): Tried to setup shared memory more than once

After some googling, I found I wasn’t the only one concerned with this. What Hunter Ford found was interesting, the Facebook plug-in not only updates, as the name suggests, but it’s also harvesting data and sending it back to Facebook. What data does it collect? Running the updater in a terminal window you can see what it’s doing. It is collecting the version number of your operating system and what applications you are running. You can run the updater yourself using the command below. (You may need to adjust it according the to the version you have installed).

/usr/bin/java -cp ~/Library/Application\ Support/Facebook/video/1.0.0.8976/FacebookUpdate.jar FacebookUpdate com.facebook.peep 1.0.0.8976

View the code and you’ll see it runs the following commands:

  • ps -ceo comm=tasks
    Gets the names of currently running processes
  • sw_vers -productVersion
    Gets the version of your operating system
  • dscl . -read $HOME HomeDirectory
    Directory service command (dscl) is a very powerful tool. It can be used to find all kinds of information about your user account including username, password (shadow file) and user’s avatar. In this application is only querying what the home directory of a user is.

The true reason for having this updater maybe benevolent. It is able to self update without your knowledge. Code can be introduced to your computer that harvest more data than it already is. Maybe Facebook is a project funded by the CIA.


Hey Facebook! If I install one of your applications, ask me if I want to update it like Adobe does. Don’t do it with a background process automatically.

About The Author

jimmy

Tags: ,

This entry was posted on Tuesday, January 17th, 2012 at 8:15 pm and is filed under Computers. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

  • Yigal

    Very interesting…

  • http://www.facebook.com/the.philip.su Philip Su

    Hey there – I’m one of the Facebook engineers that wrote the video calling feature on Facebook.

    The reason the updater gets a list of the running processes is to check for the video calling process (i.e. to check whether you’re in a call at the moment the updater runs).  It postpones updating until you’re done with your ongoing video call.

    The OS version check lets it work around issues in Mac OSX 10.5.  And the HomeDirectory business checks for permissions on whether the updater can write the downloaded PKG and run it.

    Thanks for mentioning the “Tried to setup shared memory more than once” issue.  This is a bug that we’re looking to fix.

    If you have other questions, please just reach out and ask.  I’m happy to help answer them.

  • Mattis

    The matching log entry in on my Macbook with OS X makes an error message flash for a short second and it disrupts gaming, watching movies – anything I’m doing. Please fix this error or tell me how the heck I can remove the facebook videochat app. 

  • steja

    Yes is disrupts my process too, I already uninstall the Facebook java for video calling apps, but the process is still there even I already reboot. 
    Please update the correct way to uninstall the Facebook video chat in Facebook website. 

  • http://www.cpr-franchise.com/ wireless franchise

    I stopped using the video call for Facebook because I get interrupted . But thank you for sharing this information and @ Philip Su, thank you for the explanation regarding this matter.